cvs commit: www/en/cgi Makefile query-pr.cgi querypr-code.cgi

Ceri Davies ceri at submonkey.net
Sun Dec 4 04:53:41 PST 2005 

On Sat, Nov 19, 2005 at 12:24:51PM +0000, Ceri Davies wrote:
> On Sat, Nov 12, 2005 at 10:35:29AM -0700, M. Warner Losh wrote:
> > In message: <20051112172425.GU94004 at submonkey.net>
> >             Ceri Davies <ceri at submonkey.net> writes:
> > : > > > No, just add f=raw to get the raw PR without markup.
> > : > > > http://www.freebsd.org/cgi/query-pr.cgi?pr=<PR#>&f=raw
> > : > > >                                                 ^^^^^^
> > : > > 
> > : > > If you do that, then the address is in the PR header anyway, so where's
> > : > > the problem? (yes, that elides the usefulness a little, but raw links
> > : > > are not presented on the site and are therefore less spiderable).
> > 
> > <a little off-topic text deleted>
> > 
> > Ahem.  Gettback back on track...
> > 
> > I've had a couple of private suggestions sent to me.
> > 
> > The first is to create a raw-query-pr.cgi that will just serve up one
> > PR in raw format with no links to this page.
> > 
> > The second is to add another parameter to query-pr that changes
> > quarterly.  pass=bluestarts this quarter, pass=yellowdiamons next, etc
> > (well, we wouldn't use the ingrediants to lucky charms as a
> > password).  This level of security is the same that exist on certain
> > invitation only IRC channels that are out there.  Someone has to tell
> > you the password, and the password changes from time to time.  Since
> > developer mail is project confidencial, I would guess it would be
> > sufficient to email the new password once a quarter.
> 
> I have another idea.  Committers could add a world-readable
> ~/.querypr.pass to their home directories containing a string that
> authenticates them for seeing email addresses.  Then we have some method
> to "login" (ie, set a cookie) that lasts for a month.  That method just
> checks that the string in the cookie matches the string in
> ~/.querypr.pass.
> 
> Anyway, I think that the general consensus is that the current code

I've just done this.

Any feedback on the idea floated above welcome, otherwise we'll just
stick with the status quo, I guess.

Ceri
-- 
Only two things are infinite, the universe and human stupidity, and I'm
not sure about the former.			  -- Einstein (attrib.)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-all/attachments/20051204/e2096f4a/attachment.bin

More information about the cvs-all mailing list